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IN THE CLAIMS 

1 . (withdrawn) A method for replacing an existing authentication keying variable K 
with a new authentication keying variable K' generated jfrom K, the method comprising: 

generating a first authentication word, Wi, based on the existing keying variable K, a 
counter, C, and a master keying variable, KM; 

selecting a portion of Wi as a first portion of K'; and 

completing remaining portions of K' by iteratively: 

generating new authentication words, based on KM, and a concatenation of 
a prior authentication word and K; and 

selectmg an additional portion of Wn as an additional portion of K'. 

2. (withdrawn) The method of claim 1, wherein generating new authentication 
words, Wn, comprises generating new authentication words based on C, KM, and a 
concatenation of an immediately prior authentication word Wn-i and K. 

3. (withdrawn) The method of claim 1, wherein K' is different in length than K. 

4. (withdrawn) The method of claim 1, wherein K' is equal in length to K. 

5. (withdrawn) The method of claim 1, further comprising receiving an 
authentication keying variable replacement message at an appliance. 

6. (withdrawn) The method of claim 1 , wherein selecting a portion of Wt comprises 
selecting 8-bits of Wi. 
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7. (withdrawn) The method of claim 6, wherein selecting a portion of Wi comprises 
selecting the first 8-bits of Wi . 

8. (withdrawn) The method of claim 1, wherein selecting an additional portion of 
Wn as an additional portion of K' comprises selecting the first 8-bits of Wn as n* 8-bits of K'. 

9. (withdrawn) A replacement authentication key generator comprising: 
a processing circuit; and 

a memory coupled to the processing circuit, the memory storing instructions for 
execution by the processing circuit for: 

generating a first authentication word, Wi, based on the existing keying variable 
K, a counter, C, and a master keying variable, KM; 

selecting a portion of W| as a first portion of K'; and 

completing remaining portions of K' by iterati vely : 

generating new authentication words, Wn based on C, KM, and a 
concatenation of a prior authentication word and K; and 

selecting an additional portion of Wn as an additional portion of K'. 

1 0. (withdrawn) The replacement authentication key generator of claim 9, wherein 
the instructions for generating new authentication words, Wn, comprises generating new 
authentication words based on C, KM, and a concatenation of an immediately prior 
authentication word Wq.i and K. 
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1 1 . (withdrawn) The replacement authoitication key generator of claim 9, wherein 
K' is different in length than K. 

12. (withdrawn) The replacement authentication key generator of claim 9, wherein 
K' is equal in length to K. 

13. (withdrawn) The replacement authentication key generator of claim 9, wherein 
the instructions for selecting a portion of Wi comprises selecting S-bits of Wj. 

14. (withdrawn) The replacement authentication key generator of claim 13, wherein 
the instructions for selecting a portion of Wi comprises selecting the first 8-bits of Wt. 

1 5 . (withdrawn) The replacement authentication key generator of claim 9, wherein 
the instructions for selecting an additional portion of Wn as an additional portion of K' comprises 
selecting tiie first 8-bits of W„ as n**" 8-bits of K'. 

1 6. (currently amended) In an appliance communication network, a method for 
authenticating ^pliance messages, the method comprising: 

maintaining at an appliance communication center a shared message counter, the shared 
message coimter shared between the communication center and a remotely located apphance; 

generatin g a first authentication word bv applying an appliance message and the shared 
message counter, as stored in the communication center, to an authentication algorithm to 
generat e a first authentication word; an d algorithm: and 

transmitting the ^liance message and the first authentication word as an authenticated 
message to the appliance. 

17. (original) The method of claim 16, further comprising: 
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receiving the authenticated message at the appliance; 

applying the shared message counter, as stored in the apphance, and the appliance 
message to the authentication algorithm to generate a second authentication word; and 

comparing the first authentication word and the second authentication word to determine 
authenticity of the authenticated message. 

18. (original) The method of claim 17, further comprising incrementing the shared 
message coimter, as stored in the appliance, after receiving a genuine authenticated message at 
the appliance. 

19. (original) The method of claim 16, wherein applying comprises applying an 
authentication keying variable, K. 

20 (currently amended) The method of claim 19, wherein applying comprises: 

estabhshing a working register R, comprising at least bytes RO, Rl , R2, R3 ; 

initializing R3 to a directional code, representing a transmission fi-om the appliance 
communication center to the appliance; 

initiaUzing at least R2, Rl, and RO to the bytes C2, CI, and CO of the shared message 
counter, as stored in the commimication center, respectively; 

iteratively performing, q first number of tim e s, th e atcpc of: 

^ erformin ffperforming at least one arithmetic, logical and shifting operation on R; 

and 

ohifting R; and 
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setting the first authentication word equal to the vahie contained in R. 

21 . (currently amended) The method of claim 20, wherein iterativelv p erforming a 
transformation ofat least one arithmet i c, logical and shifting operation on R comprises iteratively 
performing, as many times as there are bytes in K, the steps of: 

establishing an index, equal to the greater of: 

a non-zero constant; and 



a number of bytes in the appliance m essage less one; 



and 



iteratively performing, a number of times equal to the index plus one: 

forming P as fee-de tadot product of R2 and RO; 

forming Q as tho bitwis c a bitwise exclusive or of P with the congtant a 
constant expression '01010101'; 

forming S by adding Q to K; 

forming S' by end around rotating S; 

forming T as the bitwise exclusive or of S' and R3; 

forming F as the bitwise exclusive or of T with a byte of the apphance 

message; and 

replacing R3 with R2, R2 with Rl, Rl with RO, and RO with F. 
22.; (original) The method of claim 21, wherein the non-zero constant is at least 3. 
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23 . (origixial) The method of claim 16, wherein maintaining comprises maintaining a 
separate shared counter for a plurality of appliances. 

24. (original) The method of claim 16, further comprising incrementing the shared 
message counter, as stored in the communication center, after transmitting the authenticated 
message to the appliance. 

25. (currently amended) An appliance commimication center comprising: 
network connections terminating at appliances; 

a processing circuit; 

a memory storing a plurality of shared coxmters, each shared counter shared between the 
communication center and an appliance, the memory further storing instructions for; 

maintaining at an appliance communication center a shared message counter, the 
shared message counter shared between the communication center and a remotely located 
appliance; 

generating a first authentication word bv applying an appliance message and the 
shared message counter, as stored in the communication center, to an authentication algorithm to 
g enemt e a first authontiGation word; an d algorithm: and 

transmitting the appliance message and the first authentication word as an 
authenticated message to the ^pHance. 

26. (original) The appliance conMu\mication center of claim 25, wherein the 
instructions for maintaining comprises maintaining a sq}arate shared counter for a plurahty of 
appliances. 

7 



PACE 1 1/25 * RCVD AT 11)8/2004 5:33:50 PM [Eastern Standard TimeJ * SVR:USPTO-EFXRF-1/10 » DNIS:B729306 * CSID:3146215065 * DURATION (mm-ss):0&-20 



11/08/04 16:37 FAI 3146215065 



©012 



VIA FACSLMILE (703)872-9306 



9D-HR-19614-Daum et al. 

PATENT 



27. (currently amended) The appliance communication center of claim 25, wherein 
mfitruotioHsmemorv fiirther oompris estores instructions for incrementing the shared message 

counter, as stored in the communication center, after transmitting the authenticated message to 
the appliance. 

28. (currently amended) In an appUance, an appliance message authentication device 
comprising: 

a processor; and 

a memory coupled to the processor, the mernory storing instructions for execution by the 
processor for: 

r e ooiving tho r eceiving an authenticated messag e, including a first authentication 
word and an appliance message, at the appUance; 

generating a second authentication word bv applying tho shoro da shared message 
counter, as stored in the appliance, and the appliance message te-fe eto an authentication 
algorithm to gonorato a cccond authentioation word; an d algorithm: and 

comparing the first authentication word and the second authentication word to 
determine authenticity of the authenticated message.' 

29. (currently amended) The apphance message authentication device of claim 28, 
wherein the iHiJtmctionfl fiirthor compri s em emorv stores instructions for execution bv the 
processor for incrementing the shared message counter, as stored in the apphance, after receiving 
a genuine authenticated message at the ^pliance. 

j 

30. (currently amended) In an appUance communication network, a method for 

I 

authenticating appUance messages, the method comprising: 

i ; 

! 

8 I 
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maintaining at an appliance a shared message counter, the shared message counter shared 
between the appliance and a remotely located ^pUance communication center; 

generating a first authentication word bv applying an appUance message and the shared 
message counter, as stored in the appliance, to an authentication algorithm to g e nerate a first 
Quthontication word; an d algorithm: and 

transmitting the appliance message and the first authentication word as an authenticated 
message to the appliance conmiunication center. 

31. (original) The method of claim 30, further comprising; 

receiving the authenticated message at the appliance communication center; 

applying the shared message counter, as stored in the appliance communication 
center, and the appliance message to the authentication algorithm to generate a second 
authentication word; and 

comparing the first authentication word and the second authentication word to 
determine authenticity of the authenticated message. 
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